Re: yellowdog-general Digest 1 Feb 2001 16:31:43 -0000 Issue 337

Subject: Re: yellowdog-general Digest 1 Feb 2001 16:31:43 -0000 Issue 337
From: Ben Ricker (bricker@us-rx.com)
Date: Thu Feb 01 2001 - 09:45:31 MST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Next message: Bryn Hughes: "Re: Farallon 10/100 the answer?"
• Previous message: Harris Scott R CIV AFRL/SNJM: "iBook X configuration"

>
> Subject:
>
> Re: More SSH
> From:
>
> Sam Moore <samiwas@macconnect.com>
> Date:
>
> Wed, 31 Jan 2001 23:16:59 -0500
>
> To:
>
> yellowdog-general@lists.yellowdoglinux.com
>
>
> Should sshd be added to etc/inetd.conf? Or is there a better way to get it to
> start at boot, i.e. from etc/rc?

I have read that SSH can be slow when run from inetd because it must
generate the 1024bit keys before the connection is made while the daemon
running standalone does not have the overhead of inetd. Having said
that, I have been running sshd out of inetd on a number of servers and
have hd no noticeable performance problems. It is slower then telnet
access, but the difference is about 1 second. I say try it from inetd.
One other good thing is that you can wrap sshd in tcpwrappers which
allows for the hosts.allow/deny to be utilized to lock down the box..

One additional comment: I have had problems running sshd through
tcpwrappers. I kept getting a 'Bad Packet Length' error from some
clients (but not others). If you get that error, try it without wrappers.

Ben Ricker
Senior Systems Administrator
US-Rx, Inc.

• Next message: Bryn Hughes: "Re: Farallon 10/100 the answer?"
• Previous message: Harris Scott R CIV AFRL/SNJM: "iBook X configuration"

This archive was generated by hypermail 2a24 : Thu Feb 01 2001 - 09:47:16 MST